Mat Newman February 22 2011 09:13:25

Came across this at a new client site today, the client knows the Domino Administrators password, but cannot use the Administration client (or any Notes client) with the Administrators ID file, because the Administrators ID file certificates have expired.

It's a pretty simple thing to fix.

EITHER:

Use your server's Notes client to recertify the Administrator.

OR

Get hold of an ID file for a user who hasn't expired,

Add that user to the 'LocalDomainAdmins' group,

Access the Domino Directory on the server and recertify the Admin ID,

Remove the user from the 'LocalDomainAdmins' group,

Done.

The details:

Using a server.

Go to the physical domino server,

Browse to the Domino program folder,

Locate nlnotes.exe,

Run it.

Yes I KNOW this is not a 'supported configuration' but hey, it Domino - #ThisS***JustWorks.

You now have a notes client, which you can use to access the names.nsf locally (the Domino Directory),

Go to 'People',

Choose (highlight) the Administrator,

Choose (from the menu) ACTIONS -> Recertify Selected People,

Choose the Administrators organization certifier,

Enter the certifier password.

Choose a date a long time from now (you WANT your Admin ID file to expire every two years???),

Done.

The Long way - elevate another user.

If you know the Administrators password, there is a fair chance you can still access the Domino Web Administrator using that password:

Log-in to the Webadmin using: http://yourserver.com/webadmin.nsf and the Administrators Username and Password,

Go to 'People and Groups',

Edit the 'LocalDomainAdmins' group to include the users name who's ID file has not expired,

@1, Paul: Noted, thanks mate. Client was actually on R5 (no comments please!) so no issue, versions R6 & 7 are safe for above, but yes - there *can* potentially be problems doing the 'server fix' with 8.*. In that case, use the 'Elevated User' method to resolve.

@4, Albert: No NlNotes is not icluded in Domino server install anymore. You will only find it after an upgrade from previous releses.

@5, 6, 7: Keith and Greg, that's what makes our community so LEGENDARY! Post a solution and get more in reply. Do you guys mind if I consolidate these into a Wiki article on Notes.net (ldd)?

And yes folks the quick'n'dirty nlnotes.exe on the server solution as highlighted by Paul and Keith - IF it's avalaible - *may* cause issues with your system. The longer - but safer - solution is the 'elevated user' option, especially in an 8.* environment.

I have a strange situation. We have a Domino Traveler server 8.5 in a standalone domain since our organization is still on R7. Admin ID was certified before it expired on it, but it is still giving error message, "Server error: Certificate has expired." I have followed all the procedures to recertify the admin ID in the local server through Admin console and replaced the old ID file with the newly certified ID. I am still unable to open up Names.nsf with this ID file. Also another thing that when I recertify admin ID it shows expiration date for 2050 and new certify date for 2015. Thus ID should work and system should not prompt for expiration. What should I do to correct this error message?? Any help will be appreciated.

its an epic fail for me i could not fix the expired certificate of my admin can anyone help me with some screenshoot and step by step how to do it kindly send me the solutions of my problem to my Administrator Expired Certificate... thank you and god bless...

I have certified the id to another year. but when i tried to certify it again, the date did not apply although there was a notice from the recertification that the process was successfully applied. no matter how many times i recertify, the date does not change.

we have a user who upon login to Lotus Notes 8 (Basic ) , getting error your certificate has been expired . But when I checked on Domino Admin console , user ID isn't present there . So a bit confused , how come user is able to login with out having an entry on the Domino Admin console.

A slight variation on the above is causing me a major headache. Not only have ALL IDs expired (we only have five), but there is no machine currently with the Admin Console installed on it. When we try to install the Console and set it up with the expired Administrator ID, it simply boots us out when we enter the password. Because of this, we can't get into a Local server to follow any instructions.

We've tried the NLNotes method but the recertify option doesn't appear under the Action menu.